ClickFix Widely Adopted by Cybercriminals, APT Groups
Summary: Since August 2024, state-sponsored hackers and cybercriminals have been using a technique called ClickFix to deploy information stealer malware. This method involves social engineering through malicious JavaScript that manipulates users into executing harmful commands. Group-IB reports an increase in this attack vector, particularly targeting users on various platforms that offer free content or software.…
North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps
Summary: A North Korean threat actor, ScarCruft, has developed an Android surveillance tool called KoSpy that targets Korean and English-speaking users through deceptive apps on the Google Play Store. Additionally, a series of npm packages linked to another North Korean campaign are designed to deploy malware and steal sensitive information.…
Ramadan Scams on the Rise: Fake Giveaways, Crypto Traps & Fraudulent Donations | CloudSEK
This report highlights the rise of Ramadan-related cyber scams, particularly targeting charitable contributions and crypto investments. Cybercriminals are exploiting the goodwill associated with Ramadan to spread fraudulent schemes, often using social engineering tactics to deceive victims. Understanding these scams is essential for safeguarding against potential losses.…
Enhanced XCSSET Malware Targets MacOS Users with Advanced Obfuscation
Summary: Microsoft Threat Intelligence has identified a new variant of XCSSET malware targeting macOS developers, featuring advanced obfuscation, updated persistence techniques, and new infection strategies. The malware exploits the collaborative nature of Xcode projects, employing a four-stage infection chain that makes it difficult to detect. Although currently observed in limited attacks, its capabilities pose a significant threat to developers and users of macOS systems.…
Beware! Hacker Group Lazarus Deploys Malware Packages on npm Platform; SolarWinds Helpdesk Vulnerability Exposed: Attackers Can Decrypt Sensitive Passwords – Security Bull
A recent security report highlights multiple cyber threats, including the discovery of six malicious npm packages linked to the Lazarus hacker group, which are designed to steal sensitive credentials and deploy malware. Additionally, a serious vulnerability in SolarWinds’ web help desk has been uncovered, allowing attackers to decrypt sensitive credentials.…
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks
Summary: Apple has released a security update addressing a zero-day vulnerability (CVE-2025-24201) in the WebKit engine, which has been exploited in sophisticated attacks targeting specific individuals. The update includes enhanced checks to prevent unauthorized actions and is applicable to various devices and operating system versions. This is the third actively exploited zero-day resolved by Apple this year.…
5 Common Evasion Techniques in Malware
Cybercriminals continuously evolve their evasion techniques to bypass detection from security systems, making it increasingly difficult for security teams to respond to threats. This article examines common evasion tactics used by attackers, such as steganography, tool modification, and script obfuscation, detailing how these methods obscure malicious activities.…
North Korean Lazarus hackers infect hundreds via npm packages
Summary: Six malicious npm packages linked to the North Korean hacking group Lazarus have been discovered, designed to steal credentials and extract sensitive information. These packages, which have been downloaded 330 times, employ typosquatting tactics to mislead developers into installing them. Their malicious capabilities include the installation of backdoors and targeted cryptocurrency wallet thefts.…
Microsoft replacing Remote Desktop app with Windows App in May
Summary: Microsoft will discontinue support for the Remote Desktop app from the Microsoft Store on May 27, 2023, and recommends users transition to its new Windows App, which has been available since September 2024. Users are advised to utilize the built-in Remote Desktop Connection app for connecting to Remote Desktop Services until support is integrated into the new app.…
Fortinet Identifies Malicious Packages in the Wild: Insights and Trends from November 2024 Onward
FortiGuard Labs has tracked various malicious software packages since November 2024, highlighting a range of techniques used by attackers to exploit system vulnerabilities. The analysis reveals tactics such as low-file-count packages, suspicious install scripts, and command-and-control communication methods, showcasing the malicious intent concealed within software installations.…
RST TI Report Digest: 10 Mar 2025
This week’s threat intelligence report reveals a range of sophisticated cyber threats, including targeted multistage malware attacks, ransomware groups adopting new backconnect malware, and social engineering tactics employed in recruitment scams. Notable threats included a campaign targeting aviation and transport in the UAE, while other malware leveraged social media for distribution.…
Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole .5 Billion in Bybit Heist
Summary: Safe{Wallet} disclosed details about a sophisticated cyberattack on Bybit, attributed to state-sponsored North Korean hackers. The attackers employed advanced social engineering techniques to compromise a developer’s machine and hijack AWS session tokens, enabling them to conduct covert operations. The incident highlights serious security vulnerabilities in the cryptocurrency industry, which faces record losses from hacks in 2025.…
Unmasking the new persistent attacks on Japan
Cisco Talos discovered a malicious campaign attributed to an unknown attacker targeting organizations in Japan since January 2025, primarily exploiting the CVE-2024-4577 vulnerability to gain initial access and deploy advanced adversarial tools via Cobalt Strike. The attacker’s activities entail credential theft, system compromise, and potential lateral movement which could impact various industries.…